Which TCP and UDP ports can be used to start a NULL session attack in NT and 2000 operating systems?
A null session is an anonymous connection to a freely accessible network share called IPC$ on Windows-based servers. It allows immediate
read and write access with Windows NT/2000 and read-access with Windows XP and 2003.
The command to be inserted at the DOS-prompt is as follows:
net use \\IP address_or_host name\ipc$ '' '/user:'
net use
Port numbers 139 TCP and 445 UDP can be used to start a NULL session attack.
A Cisco router can have multiple connections to networks. These connections are known as interfaces for Cisco Routers. For naming each interface, Cisco generally uses the type of interface as part of the name. Which of the following are true about the naming conventions of Cisco Router interfaces?
Each correct answer represents a complete solution. Choose all that apply.
A Cisco router can have multiple connections to networks. These connections are known as interfaces for Cisco Routers. For naming each interface, Cisco generally uses the type of interface as part of the name.
Following are some of the naming conventions of Cisco Router interfaces:
An Ethernet interface that is fast always starts with an F.
An interface connected to a serial connection always starts with an S.
An interface connected to an Ethernet segment of the network always starts with an E.
An interface connected to a Token Ring segment always starts with To.
You work as the Network Administrator for McNeil Inc. The company has a Unix-based network. You want to identify the secure terminals from where the root can be allowed to log in. Which of the following Unix configuration files can you use to accomplish the task?
In Unix, the /etc/securetty file is used to identify the secure terminals from where the root can be allowed to log in.
Answer B is incorrect. In Unix, the /etc/ioports file shows which I/O ports are in use at the moment.
Answer A is incorrect. In Unix, the /etc/services file is the configuration file that lists the network services that the system supports.
Answer C is incorrect. In Unix, the /proc/interrupts file is the configuration file that shows the interrupts in use and how many of each
there has been.
An attacker wants to connect directly to an unsecured station to circumvent the AP security or to attack the station. Which of the following
tools can be used to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.
Ad Hoc Association is a type of attack in which an attacker tries to connect directly to an unsecured station to circumvent the AP security or to
attack the station. Any wireless card or USB adapter can be used to perform this attack.
Answer B and C are incorrect. The MacChanger and SirMACsAlot tools are used to perform MAC spoofing attacks.
You work as a Network Administrator for Tech Perfect Inc. For security issues, the company requires you to harden its routers. You therefore
write the following code:
Router#config terminal
Router(config) #no ip bootp server
Router(config) #no ip name-server
Router(config) #no ntp server
Router(config) #no snmp server
Router(config) #no ip http server
Router(config) #^Z
Router#
What services will be disabled by using this configuration fragment?
Each correct answer represents a complete solution. Choose all that apply.
The above configuration fragment will disable the following services from the router:
The BootP service
The DNS function
The Network Time Protocol
The Simple Network Management Protocol
Hyper Text Transfer Protocol
Submit Cancel
Currently there are no comments in this discussion, be the first to comment!